 |
| Nimda is a complex virus with a mass mailing worm component which spreads itself in attachments named README.EXE.
|
| It affects Windows 95, Windows 98, Windows Me, Windows NT 4 and Windows 2000 users. Nimda is the first worm to modify existing web sites to start offering infected files for download. Also it is the first worm to use normal end user machines to scan for vulnerable web sites. This technique enables Nimda to easily reach intranet web sites located behind firewalls - something worms such as Code Red couldn't directly do. Nimda uses the Unicode exploit to infect IIS web servers. This hole can be closed with a Microsoft patch, downloadable from: http://www.microsoft.com/technet/security/bulletin/ms00-078.asp The MIME exploit used by the worm can be fixed with this patch: http://www.microsoft.com/technet/security/bulletin/MS01-020.asp |
| Tilbake... |
|
|
|
 |
|
 |
 |
